#!/bin/sh
# Source: https://groups.google.com/forum/#!topic/antizapret/lAebxVcPGc8

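# Download the antizapret address list and append an iptables DROP rule to the
# INPUT chain for every entry that does not already have one.
#
# Must run with enough privilege to modify iptables. The list is remote,
# third-party content that ends up as arguments to a privileged command, so
# every line is validated and quoted before use. HTTPS only protects the
# transfer; whoever controls the list controls which sources are dropped, so
# review it (or pin a known-good copy) before applying it on a host that
# matters.
#
# Exit status: 0 if every rule was present or added, 1 otherwise.

LIST_URL=https://raw.github.com/msva/antizapret/master/list.txt
BLOCK_LIST=list.txt

# Fetch into a temporary file first: a plain "wget URL" writes list.txt.1 when
# list.txt already exists (so the stale copy would be used), and writing
# straight onto list.txt would truncate the last good copy on a failed download.
tmp_list=$(mktemp "${BLOCK_LIST}.XXXXXX") || exit 1
trap 'rm -f -- "$tmp_list"' EXIT

if wget -O "$tmp_list" "$LIST_URL" && [ -s "$tmp_list" ]; then
    mv -f -- "$tmp_list" "$BLOCK_LIST"
else
    echo "Download of $LIST_URL failed; falling back to any existing $BLOCK_LIST" >&2
fi

if [ ! -f "$BLOCK_LIST" ]; then
    echo "Unable to add blocks to IPTABLES because file $BLOCK_LIST is missing" >&2
    exit 1
fi

cr=$(printf '\r')
status=0

# "|| [ -n ... ]" keeps a final line that has no trailing newline.
while read -r entry || [ -n "$entry" ]; do
    # Tolerate CRLF line endings.
    entry=${entry%"$cr"}

    # Skip blank lines and comment lines starting with ; or #
    case $entry in
        '' | \#* | \;*) continue ;;
    esac

    # Accept only IPv4-looking tokens (digits, dots, one CIDR slash or a range
    # hyphen) that start with a digit. Anything else - embedded whitespace, a
    # leading "-", hostnames, IPv6 - is refused so a list line can never turn
    # into extra iptables options. "*/0" is a basic guard against a single
    # entry that would drop all inbound traffic; it is not a full sanity check.
    case $entry in
        *[!0-9./-]* | [!0-9]* | */0)
            printf '%-20s %s\n' "$entry" 'not a plain IPv4 address, CIDR or range - skipping' >&2
            continue
            ;;
    esac

    # Is this a range, or a CIDR / single IP?
    case $entry in
        # --src-range belongs to the iprange match and needs "-m iprange".
        *-*) set -- -m iprange --src-range "$entry" ;;
        *)   set -- -s "$entry" ;;
    esac

    # Ask iptables whether this exact rule exists instead of regex-matching the
    # "iptables -nL" dump: there "." matched any character and 1.2.3.4 was
    # treated as present whenever 11.2.3.40 was listed, silently dropping
    # entries from the blocklist. -C reports "no such rule" on stderr.
    if iptables -C INPUT "$@" -j DROP 2>/dev/null; then
        printf "%-20s %20s\n" "$entry" 'already referenced in iptable - skipping'
        continue
    fi

    printf '%-20s iptables -A INPUT %s -j DROP\n' 'ADDING RULE:' "$*"
    iptables -A INPUT "$@" -j DROP || status=1
done < "$BLOCK_LIST"

exit "$status"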
